Legal claims defining the scope of protection, as filed with the USPTO.
1. A device for wireless communication, the device comprising: a processor including key logic configured to obtain a candidate group key corresponding to a data link group; and wireless interface circuitry configured to transmit an announcement message to one or more devices of the data link group during a paging window designated for the data link group, wherein the announcement message indicates availability of the candidate group key, wherein the announcement message comprises a multicast message, wherein the paging window is part of a transmission window, and wherein a beginning of the paging window is after an end of a first discovery window and an end of the paging window is before a beginning of a second discovery window.
2. The device of claim 1 , wherein the data link group includes multiple devices of a neighbor aware network (NAN) or a wireless mesh network.
3. The device of claim 1 , further comprising: a memory configured to store an active key set, one or more pairwise keys, a candidate key set, or a combination thereof, wherein the active key set includes an active group key, an active distribution key, an active group integrity key, or a combination thereof; and an encoder configured to encode the candidate group key to generate an encoded candidate group key, wherein the encoder is configured to encode the candidate group key based on the active group key, the active distribution key, or a particular pairwise key of the one or more pairwise keys.
4. The device of claim 1 , wherein the wireless interface circuitry is configured to transmit, during a data window of the transmission window, the candidate group key to a second device of the data link group as a unicast message.
5. The device of claim 1 , the processor further comprising message logic configured to generate a second multicast message that includes the candidate group key, the second multicast message comprising a public action frame or a data link group message, wherein the wireless interface circuitry is configured to transmit the second multicast message to the one or more devices.
6. The device of claim 1 , wherein the wireless interface circuitry is further configured to receive a second announcement message from a particular device of the data link group after transmission of the announcement message, the second announcement message indicating a second candidate group key, and wherein the key logic is configured to: select the second candidate group key in response to a determination that the second candidate group key has a higher priority than the candidate group key; and after expiration of a first group key as an active group key, set the second candidate group key as the active group key.
7. The device of claim 6 , wherein the key logic is configured to: determine a first priority of the candidate group key based on a first key indicator related to the candidate group key, wherein the first key indicator includes a medium access control (MAC) address, a hash value, a timestamp, or a combination thereof, wherein the hash value is generated based on the MAC address, the candidate group key, or both; determine a second priority of the second candidate group key based on a key indicator included in the second announcement message; and determine that the second candidate group key has a higher priority than the candidate group key based on a comparison of the first priority to the second priority.
8. The device of claim 1 , wherein the wireless interface circuitry is further configured to transmit a key delivery message including the candidate group key, wherein the key delivery message includes a key identifier indicating an expiration time of the candidate group key, and wherein the key logic is configured to generate a second candidate group key prior to the expiration time.
9. The device of claim 1 , wherein the candidate group key is included in a key delivery message, and wherein the key delivery message includes a key identification number, a key index, or both, wherein the key index indicates inactive group keys and an active group key, and wherein the key index enables devices of the data link group to determine the active group key.
10. The device of claim 1 , the key logic further configured to select, from a plurality of candidate group keys, a particular candidate group key as a next active group key, the plurality of candidate group keys including the candidate group key.
11. A method for wireless communication, the method comprising: obtaining a candidate group key at a first device of a data link group; and transmitting, from the first device to a second device of the data link group, an announcement message indicating availability of the candidate group key, wherein the announcement message is transmitted during a paging window designated for the data link group, wherein the announcement message comprises a multicast message, wherein the paging window is part of a transmission window, and wherein a beginning of the paging window is after an end of a first discovery window and an end of the paging window is before a beginning of a second discovery window.
12. The method of claim 11 , wherein the first device obtains the candidate group key by generating the candidate group key at the first device or by receiving the candidate group key at the first device from another device of the data link group, and wherein the candidate group key enables at least one of encryption or decryption of group addressed data messages corresponding to the data link group.
13. The method of claim 11 , further comprising, prior to obtaining the candidate group key: receiving a second announcement message from a third device of the data link group, wherein the second announcement message indicates that the candidate group key is available; and sending a request corresponding to the data link group to request the candidate group key.
14. The method of claim 11 , wherein the announcement message includes a key indicator, a data link group identifier of the data link group, a device identifier of a particular device that generated the candidate group key, or a combination thereof.
15. The method of claim 14 , wherein the key indicator comprises a medium access control (MAC) address of the first device, a hash value, a timestamp corresponding to generation of the candidate group key, or a combination thereof, wherein the hash value is generated based on the MAC address, the candidate group key, or both, and wherein the device identifier includes a second MAC address of the particular device.
16. The method of claim 11 , wherein the first device is associated with the second device when the first device transmits the announcement message, and further comprising: receiving, at the first device from the second device, a request to send the candidate group key from the first device to the second device; and sending the candidate group key from the first device to the second device after encrypting the candidate group key using a pairwise key, wherein the pairwise key enables secure communication between the first device and the second device.
17. The method of claim 11 , further comprising: after transmitting the announcement message, receiving a request for the first device to associate with the second device; making a security association with the second device, wherein a pairwise key corresponding to the first device and the second device is generated during the security association; and after completion of the security association, receiving a second request for the first device to send the candidate group key to the second device.
18. The method of claim 17 , wherein the first device operates as a key generator device of the data link group, and wherein other devices of the data link group do not operate as key generator devices prior to the first device ceasing operation as the key generator device, and further comprising: transmitting a message from the first device to the second device of the data link group, the message indicating the second device is to operate as the key generator device of the data link group; terminating key generation operations at the first device; and disassociating from the data link group by the first device, transitioning into a low power operating mode at the first device, or both.
19. A device for wireless communication, the device comprising: a processor including key logic configured to monitor a first communication channel during a paging window designated for a data link group, wherein the paging window is part of a transmission window, and wherein a beginning of the paging window is after an end of a first discovery window and an end of the paging window is before a beginning of a second discovery window; and wireless interface circuitry configured to receive an announcement message from a first device of the data link group during the paging window, the announcement message indicates availability of a candidate group key, wherein the announcement message comprises a multicast message.
20. The device of claim 19 , wherein the wireless interface is further configured to receive a key delivery message including an encoded candidate group key, and further comprising: a memory configured to store an active key set, one or more pairwise keys, a candidate key set, or a combination thereof, wherein the candidate key set includes the candidate group key, a candidate distribution key, a candidate group integrity key, or a combination thereof; and a decoder configured to decode the encoded candidate group key to generate the candidate group key based on an active group key, an active distribution key, or a particular pairwise key of the one or more pairwise keys.
21. The device of claim 20 , further comprising an encoder configured to encode the candidate group key to generate the encoded candidate group key, wherein the encoder is configured to encode the candidate group key based on the active group key, the active distribution key, or the particular pairwise key, and wherein the key logic is further configured to validate group addressed traffic based on an active integrity group key included in the active key set.
22. A method for wireless communication, the method comprising: monitoring, at a second device of a data link group, a first communication channel during a paging window designated for the data link group, wherein the paging window is part of a transmission window, and wherein a beginning of the paging window is after an end of a first discovery window and an end of the paging window is before a beginning of a second discovery window; and receiving an announcement message at the second device from a first device of the data link group during the paging window, the announcement message indicating availability of a candidate group key, wherein the announcement message comprises a multicast message.
23. The method of claim 22 , further comprising obtaining the candidate group key, wherein obtaining the candidate group key comprises: transmitting a trigger message to the first device in response to receiving the announcement message during the paging window; and receiving the candidate group key from the first device during a data window.
24. The method of claim 22 , further comprising: updating a counter, the counter related to an expiration of a prior group key; and halting updating the counter in response to receiving the announcement message prior to the counter reaching a particular value, the particular value related to generation of a new group key by the second device.
25. The method of claim 22 , further comprising: identifying a first key indicator included in the announcement message; receiving a second announcement message from a third device of the data link group during the paging window, the second announcement message including a second key indicator and indicating generation of a second candidate group key; transmitting a trigger message to the first device based on the first key indicator of the announcement message having higher priority than the second key indicator; and receiving the candidate group key from the first device.
26. The method of claim 22 , further comprising: prior to receiving the announcement message, initiating generation of a second candidate group key; and in response to receiving the announcement message, stopping generation of the second candidate group key.
27. The method of claim 22 , further comprising: in response to receiving the announcement message, determining whether the second device is associated with the first device; and in response to a determination that the first device is associated with the second device, requesting the candidate group key from the first device.
28. The method of claim 22 , further comprising: in response to receiving the announcement message, determining whether the second device is associated with the first device; and in response to a determination that the second device is unassociated with the first device: identifying a third device of the data link group that has received the candidate group key and that is associated with the second device, wherein the third device is identified during a time period that ends prior to expiration of an active group key of the data link group, wherein the time period begins after the announcement message is received and ends at a predetermined time before the expiration of the active group key; requesting the candidate group key from the third device; and receiving the candidate group key from the third device prior to the expiration of the active group key.
29. The method of claim 28 , further comprising: performing a security association with the third device in response to a determination that the second device is unassociated with the first device, wherein the security association establishes a pairwise key; receiving an encoded candidate group key from the third device; decoding the encoded candidate group key based on the pairwise key to generate the candidate group key at the second device; and storing the candidate group key at a memory.
30. The method of claim 22 , further comprising, in response to a determination that the second device is unassociated with the first device: identifying a predetermined time before expiration of an active group key of the data link group; prior to the predetermined time, sending a multicast request for the candidate group key to at least one device of the data link group; and receiving the candidate group key from a third device of the data link group responsive to the multicast request.
Unknown
October 2, 2018
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.